10 matches found
CVE-2024-47515 Pagure: generate_archive() follows symbolic links in temporary clones
A vulnerability was found in Pagure. Support of symbolic links during repository archiving of repositories allows the disclosure of local files. This flaw allows a malicious user to take advantage of the Pagure instance...
PT-2024-3567
Name of the Vulnerable Software and Affected Versions: Git versions prior to 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4 Description: The issue allows an attacker to execute arbitrary code when cloning repositories with submodules. This is possible because Git can be fooled into...
SUSE CVE-2021-47121
In the Linux kernel, the following vulnerability has been resolved: net: caif: fix memory leak in cfusbl_device_notify In case of caif_enroll_dev fail, allocated link_support won't be assigned to the corresponding structure. So simply free allocated pointer in case of error...
SUSE CVE-2021-47122
In the Linux kernel, the following vulnerability has been resolved: net: caif: fix memory leak in caif_device_notify In case of caif_enroll_dev fail, allocated link_support won't be assigned to the corresponding structure. So simply free allocated pointer in case of error...
PT-2024-11173 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak issue has been resolved in the Linux kernel. The problem occurs when the caif enroll dev function fails, causing the allocated link support to not be assigned to the...
D-Link DSL-320B-D1 Pre-Authentication Buffer Overflow Vulnerability
The D-Link DSL-320B-D1 ADSL modem suffers from multiple pre-authentication stack buffer overflow vulnerabilities. Multiple Pre-Auth Stack Buffer Overflow in D-Link DSL-320B-D1 ADSL Modem: 0. Overview 1. Details 2. Solution 3. Disclosure Timeline 4...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Git vulnerability (USN-4761-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4761-1 advisory. Matheus Tavares discovered that Git incorrectly handled delay-capable clean/smudge filters when being used on case-insensitive filesystems...
Fedora 32 : git (2021-ffd0b2108d)
The remote Fedora 32 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-ffd0b2108d advisory. - Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains symbolic links...
High-risk MySQL vulnerabilities can allow server root privileges to be stolen - vulnerability warning - the black bar safety net
Last week, a Polish hacker named Dawid Golunski discovered vulnerabilities in MySQL: a remote root code execution exploit and a privilege escalation vulnerability. At the time, Golunski provided a PoC only for the first vulnerability, but committed to disclosing a second...
[SECURITY] Fedora 7 Update: dar-2.3.4-1.fc7
DAR is a command line tool to backup a directory tree and files. DAR is able to make differential backups, split them over a set of disks or files of a given size, use compression, filter files or subtrees to be saved or not saved, directly access and restore given files. DAR is also able to hand...